CISPA: The Cyber Intelligence Sharing and Protection Act Heads For The Hill

After the huge protests back in January of this year regarding the now shelved SOPA and PIPA bills, US lawmakers have already created another bill, CISPA, that is set to have some very disturbing ramifications for people’s basic rights for privacy. This comes at the same time the UK is proposing to pass a very similar piece of legislation (pretty much exactly the same in terms of what information it can gather) which I wrote about earlier today.

The new bill, H.R. 3523, comes as lawmakers in Washington are trying to find new ways to tackle cyber security issues relating to US interests, and as a result the Rogers-Ruppersberger Cyber Security Bill was created. However, as with SOPA/ PIPA the wording of the bill is very vague to say the least and is very open to abuse by federal entities.

The Electronic Frontier Foundation, another online advocacy group, has also sharply condemned CISPA for what it means for the future of the Internet. “It effectively creates a ‘cybersecurity’’ exemption to all existing laws,” explains the EFF, who add in a statement of their own that “There are almost no restrictions on what can be collected and how it can be used, provided a company can claim it was motivated by ‘cybersecurity purposes.’”

The CDT have also expressed concern regarding the wording and implications for the legislation:

However, the bill goes much further, permitting ISPs to funnel private communications and related information back to the government without adequate privacy protections and controls. The bill does not specify which agencies ISPs could disclose customer data to, but the structure and incentives in the bill raise a very real possibility that the National Security Agency or the DoD’s Cybercommand would be the primary recipient.

The bill will come as great news to the NSA who have already built a massive complex in Bluffdale UT which was shrouded in secrecy for a long time. The heavily fortified $2 billion (£1.25 billion) centre should be operational in September 2013. Stored in near-bottomless databases will be all forms of communication, including private emails, mobile phone calls and Google searches, as well as personal data trails — travel itineraries, purchases and other digital “pocket litter”. It is the realisation of the “total information awareness” programme created by the Bush administration — which was killed by Congress in 2003 after an outcry over its potential for invading privacy.

The NSA will be one of the main federal entities that will be granted unfettered access to people’s newly tapped online information. Last month the NSA appeared in front of congress insisting that the NSA has neither the technical nor the legal capabilities to capture and sift through communications from Americans.

A New York Times article written on April 3rd by ex-Special Advisor to President George W. Bush on cybersecurity, Richard Clarke, said that he would like the DHS to inspect all net traffic that flows in and out of the US.